Orpak SiteOmat OrCU Code Injection Vulnerability
CVE-2017-14853 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device.
Learn more about our Web Application Penetration Testing UK.